If someone gets access to someone else's session key (on Bitcointalk SMF), can that be abused? I've tried to do something with it in a private window, but get this:
Session verification failed. Please try logging out and back in again, and then try again.
Is this enough to assume there's no risk in leaking a session key, or did I overlook something?